<?php
/**
 * 后台管理员权限控制模块
 * @author chenhao
 * @since 2010-1-07
 */
include( "inc/header.php" );
login_check( );
echo"<script type=\"text/javascript\">";
echo"function ShowMenu(MenuID) ";
echo"	{ ";
echo"	if(MenuID.style.display==\"none\") ";
echo"	{ ";
echo"	MenuID.style.display=\"\"; ";
echo"	} ";
echo"	else ";
echo"	{ ";
echo"	MenuID.style.display=\"none\"; ";
echo"	} ";
echo"	}";
echo"</script>";
echo "<body>\r\n<table width=\"98%\" border=\"1\" align=\"center\" cellpadding=\"5\" cellspacing=\"0\" class=\"table\">\r\n  <tr>\r\n    <td>您可以在这里为该管理员指定相应的栏目操作权限，请确保你的操作正确；<span style=\"color:red;\">当管理员为\"超级管理员\"时以下各项操作无效</span></td>\r\n  </tr>\r\n</table>\r\n<br>\r\n";
switch ($_GET['Action']){
	case 'edits':
		global $db,$conn;
		//删除已存在管理员用户权限记录
		@mysql_query("DELETE FROM tun2_acl WHERE uid={$_GET[uid]}",$Conn);
		//取得POST提交过来的权限值，并组装成字符串写入数组
		$db->query("SELECT id FROM tun2_columns");
		while ($db->next_record( )){
			if(count($_POST["acl_{$db->Record[id]}"])>0){
				foreach ($_POST["acl_{$db->Record[id]}"] as $value){
					$acl_value .= $value.',';
				}
				$acl_value = substr($acl_value,0,-1);
				$sql = "INSERT INTO tun2_acl(uid,class_id,acl_value) VALUES ('{$_GET[uid]}','{$db->Record[id]}','$acl_value')";
				mysql_query($sql,$Conn);
				unset($acl_value);
			}
		}
		addlog("管理员权限设置", $_SESSION['user_name']);
		admin_showerr( "<li>权限设置成功</li>", "Admin_Set.php", 1 );
		break;
	default:
		global $db,$conn,$page,$classid,$intPerpage,$execc,$upfile,$webdir,$_acl;
		$GLOBALS["id"] =1;
		$jibie=1;
		$sql="select * from tun2_columns where bid=0  Order by columnswith desc,id asc";
		$result=mysql_query($sql,$Conn);
		//显示栏目列表
		if(mysql_num_rows($result)>0){
			echo "<form id=\"aclForm\" name=\"aclForm\" method=\"post\" action=\"Admin_Acl.php?Action=edits&uid={$_GET[uid]}\">\r\n";
			TreeMenu($Conn,$result,$jibie,$_GET['uid']);
			echo "<table width=\"98%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\r\n<tr>\r\n<td height=\"50\" align=\"center\"><input type=\"submit\" name=\"Submit\" value=\"确 认\" /></td>\r\n</tr>\r\n</table></form>";
		}
}
echo "\r\n</body>\r\n</html>";

//进入函数循环，分类历遍
function TreeMenu($Conn,$result,$jibie,$uid)
{
	//系统约定权限值
	$_acl = array(0 => "添加内容",
				  1 => "修改内容",
	              /*2 => "查看内容",*/
	              3 => "删除内容",
	              //4 => "添加顶级栏目",
	              5 => "添加子栏目",
	              6 => "编辑栏目",
	              7 => "删除栏目"
	            );
	$numrows=mysql_num_rows($result);
	echo "<table width=\"98%\" border=\"1\" align=\"center\" cellpadding=\"5\" cellspacing=\"0\" class=\"table\">";
	for($rows=0;$rows<$numrows;$rows++)
	{
		$menu=mysql_fetch_array($result);
		$sql="select * from tun2_columns where bid=$menu[id]  Order by columnswith desc,id asc";
		$result_sub=mysql_query($sql,$Conn);
		echo "<tr>";
		//如果该菜单项目有子菜单，则添加JavaScript onClick语句
		if(mysql_num_rows($result_sub)>0)
		{
			echo "<td width='20'><img src='images/+.gif' border='0'></td>";
			echo "<td class='Menu' >";
		}
		else
		{
			echo "<td width='20'><img src='images/-.gif' border='0'></td>";
			echo "<td class='Menu'>";
		}
		if($menu[url]!="")
		echo "<a href='$menu[url]'><span class=lmbt>$menu[columnsname]</span></a> ";
		else
		echo "<span class=lmbt onClick='javascript:ShowMenu(Menu".$GLOBALS["ID"].");'><font color=\"gray\" class=\"nob\">(id:$menu[id])</font> $menu[columnsname]</span> <span class=\"lmright\">";
		//显示权限操作项
		$check_sql = "SELECT acl_value FROM tun2_acl WHERE uid={$uid} AND class_id={$menu[id]}";
		$check_result = mysql_query($check_sql,$Conn);
		$check_row = mysql_fetch_array($check_result);
		if(!empty($check_row)){
			$check_row_arr = explode(',',$check_row['acl_value']);
		}else {
			$check_row_arr = array();
		}
		foreach ($_acl as $key => $value){
			echo "<input type=\"checkbox\" name=\"acl_{$menu[id]}[]\" value=\"{$key}\"";
			if(count($check_row_arr)>0){
				foreach ( $check_row_arr as $acl_value_num){
					echo ($acl_value_num == $key) ? "checked" : " ";
				}
			}
			echo " /> {$value}"; //将复选框以数组形式传值
		}
		unset($check_row);
		echo "</td> </tr>";
		if(mysql_num_rows($result_sub)>0)
		{
			//echo "<tr id=Menu".$GLOBALS["ID"]++." style='display:none'>";
			echo "<tr id=Menu".$GLOBALS["ID"]++." style='display:'>";
			echo "<td width='20'> </td>";
			echo "<td>";
			//将级数加1
			$jibie++;
			TreeMenu($Conn,$result_sub,$jibie,$uid);
			$jibie--;
			echo "</td></tr>";
		}
		//显示下一菜单
	}
	echo "</table>";
}
echo"</table>";
?>